Protecting Sensitive Financial Data Across the Globe: How ABLC Secured Its Field Examination Team

Client Overview

Asset Based Lending Consultants, Inc. (ABLC) is the global leader in field examinations, founded in 1986 by Donald F. Clarke. For nearly 40 years, ABLC's team of highly skilled examiners has conducted comprehensive field examinations, collateral audits, new loan surveys, quality of earnings certifications, and problem loan workouts for some of the world's most recognized financial institutions — including JP Morgan, City National Bank, BankUnited, and Amerant.

The nature of ABLC's work is inherently mobile and inherently global. Examiners travel to client locations — warehouses, corporate offices, manufacturing facilities, and regional headquarters — across the United States and internationally in Ireland, Mexico, Australia, India, and the Caribbean. On every engagement, they are connected to whatever network is available at the client site, while handling accounts receivable aging reports, inventory valuations, bank reconciliations, borrower financial statements, and lender credit documentation.

Protecting that data — data that belongs to both the borrowing businesses and the lenders who retain ABLC — is a professional and contractual obligation that the firm has upheld for nearly four decades. As the threat landscape targeting financial data has intensified, maintaining that standard required a security solution that could keep pace with a global, constantly mobile team.

The Challenge

The firm's core operational model created a cybersecurity challenge that most enterprise security solutions are not designed to solve: how do you maintain consistent data protection for a team that never works from the same place twice?

In a traditional office environment, an IT team controls the network perimeter. For a field examination firm, that perimeter is wherever the consultant happens to be sitting that day — a conference room at a mid-market manufacturer, a back office at a distributor, a hotel business center between site visits. Each of those environments carries its own unknown security risks.

Specific vulnerabilities the firm identified included:

• Uncontrolled client network environments. Consultants regularly connected to their own firm's systems and cloud platforms using the borrower's internal network — a network managed by the client, not the firm. The security posture of those networks varied enormously, and consultants had no visibility into whether those environments were monitored, shared, or properly segmented.
• Financial data exposure in transit. During examinations, consultants transmitted sensitive borrower financials back to firm systems — account aging data, collateral schedules, and audit workpapers containing detailed credit information. That data moving over unencrypted connections represented a real exposure risk, particularly given the regulatory sensitivity of the information involved.
• Public and hotel network risk. Between client sites, consultants worked from hotels, airports, and coffee shops. These networks are well-documented vectors for man-in-the-middle attacks and passive traffic interception — exactly the kind of exposure that is unacceptable when the data in transit includes borrower financial records.
• No consistent security baseline across the field team. Without a standardized, enforced VPN policy, individual consultants made their own decisions about how — and whether — to protect their connections. The result was an uneven security posture that the firm could not document or defend.
• Lender and client trust at stake. The financial institutions that retain the firm expect their collateral data to be handled with the same discretion they apply internally. A data incident involving borrower financials would not only damage the firm's reputation — it could expose them to significant liability with lending clients who rely on them as a trusted third party.

The Solution

ABLC selected CyberFence to establish a consistent, enforced security standard across its entire global field examination team — one that required no IT expertise to deploy, no client-side configuration, and no change to how examiners actually work in the field.

Deployment was straightforward. ABLC examiners installed the CyberFence app on their laptops and mobile devices. From that point forward, every connection — regardless of whether it was made from a borrower's conference room in Miami, a hotel lobby in Dublin, or a manufacturing facility in Mexico City — was encrypted before leaving the device.

Key elements of the deployment:

• AES-256-GCM encryption on every connection. All data transmitted between consultant devices and firm systems — financial workpapers, borrower data, lender documentation — is encrypted end-to-end regardless of the underlying network. The security of the client's internal network becomes irrelevant to the firm's data protection posture.
• Web Shield DNS threat blocking. Consultants working from client sites and hotels are actively protected against malicious domains, phishing infrastructure, and malware distribution sites at the DNS layer — before a connection is ever established. For a team accessing financial systems across dozens of different environments each month, this layer of proactive threat blocking is significant.
• Zero-logs policy. CyberFence retains no records of consultant browsing activity, connection histories, or DNS queries. Borrower financial data accessed through the VPN is never logged or retained by the VPN provider — an important assurance for a firm that handles confidential client information under non-disclosure agreements.
• US-operated infrastructure. All CyberFence servers and operations are based in the United States, under US law. For financial consulting work that often involves lenders with their own data handling requirements, domestic jurisdictional clarity matters.
• Simple, consistent deployment across all devices. Windows laptops, Macs, iPhones, and Android devices — all covered under a single account. Consultants do not need to configure anything. They open the app, connect, and they are protected.

Results and Impact

The most significant outcome was the establishment of a consistent, global security standard across ABLC's entire examiner team. Every consultant — whether working in a US bank's back office or on an international engagement in Ireland, Australia, or the Caribbean — now connects through the same AES-256-GCM encrypted tunnel. The uneven, engagement-by-engagement security posture was replaced with a uniform policy that ABLC can document and defend to every lender client they serve.

For ABLC's leadership, the ability to tell clients like JP Morgan and City National Bank that all field work — across every country and every network — is conducted over AES-256-GCM encrypted connections with a verified zero-logs VPN is a meaningful differentiator. In a business built on confidentiality and trust, a documented security posture strengthens ABLC's credibility as the partner of choice for the world's leading lending institutions.

The Web Shield layer added active threat protection that had not previously existed for field teams. Consultants working from client sites and hotel networks are now protected against the phishing and malware infrastructure that is increasingly used to target professionals handling sensitive financial data.

Operationally, the simplicity of CyberFence meant that the firm achieved all of this without adding IT overhead, without changing how consultants work, and without requiring any involvement from the client organizations where the work takes place.

Key Benefits

• 🔒
  Encrypted access from every client site and network

  AES-256-GCM encryption on every connection — client offices, hotels, airports, and home — regardless of the security posture of the underlying network.

• 🛡️
  DNS-layer threat blocking in the field

  Web Shield actively blocks phishing domains and malware sites before connections are made — protecting consultants who access financial systems across dozens of environments each month.

• 📋
  Consistent, documentable security standard

  A firm-wide policy that applies uniformly to every consultant, on every engagement — replacing inconsistent individual practices with a single auditable baseline.

• 📵
  Zero-logs privacy for confidential client data

  Borrower financial records accessed through CyberFence are never logged or retained by the VPN provider — supporting the firm's NDA obligations and data handling commitments to lender clients.

• ⚡
  No IT overhead — works on any device, anywhere

  Windows, Mac, iOS, and Android all covered under one account. Consultants install the app and are protected immediately — no configuration, no client-side IT involvement required.

• 🏛️
  US-operated, domestic jurisdiction

  All CyberFence infrastructure and operations are governed by US law — supporting the data handling expectations of financial institution clients operating under domestic regulatory frameworks.